634fa38dff59c82529191ebcbf69ea0a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

634fa38dff59c82529191ebcbf69ea0a_JaffaCakes118
Size

101KB
MD5

634fa38dff59c82529191ebcbf69ea0a
SHA1

5cc14425ab1466ec12ec9ccd087e383955fe3ecd
SHA256

8608b291474ff707d024737b48ac7c5bfdd796016234dfb460072b3cb3af37cc
SHA512

6bc4b0df0fd38ab8d412be3c59a0587d7fa3c5727c144cee96c06eb6195029dc82fa854d709c837dbe2d6449e6ec15cfd750334451e2b03c1477c7d3cfe428c0
SSDEEP

3072:H2UCQDawkpSrCe31qv86Xj6sqizpZXRBfy8leW:WUCglrCe31qFT6s1zpxRpleW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
634fa38dff59c82529191ebcbf69ea0a_JaffaCakes118

Files

634fa38dff59c82529191ebcbf69ea0a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0dba0240e0cd79a34e6e3cfa7ca3919c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnableWindow
MessageBoxW
wsprintfW
WinHelpW
GetDC
GetParent
InsertMenuItemW
RegisterClipboardFormatW
SendDlgItemMessageW
ReleaseDC
GetDlgItem
SetWindowLongW
LoadImageW
LoadBitmapW
LoadIconW
SetWindowTextW
PostMessageW
LoadCursorW
DialogBoxParamW
EndDialog
SetFocus
GetWindowLongW
SendMessageW
GetDlgItemTextA
LoadStringW
SystemParametersInfoW
SetCursor
SetDlgItemTextW

msvcrt

??1type_info@@UAE@XZ
??3@YAXPAX@Z
memmove
free
wcscpy
wcslen
_adjust_fdiv
_onexit
wcsstr
wcscat
wcschr
wcstoul
_initterm
malloc
mbstowcs
_purecall
__RTDynamicCast
wcscmp
_wcsicmp
vswprintf
wcsrchr
?terminate@@YAXXZ
??2@YAPAXI@Z
_except_handler3
__dllonexit
_wcsupr

certcli

CAEnumCertTypes
CAFreeCertTypeProperty
CAGetCertTypeExtensions
CASetCertTypeProperty
CACreateCertType
CAFindByName
CAEnumNextCertType
CAGetCertTypeFlags
CAGetCAProperty
CAAddCACertificateType
CAEnumCertTypesForCA
CARemoveCACertificateType
CAUpdateCertType
CAUpdateCA
CACloseCertType
CAFreeCAProperty
CAFreeCertTypeExtensions
CASetCertTypeKeySpec
CACertTypeSetSecurity
CAFindCertTypeByName
CAGetCertTypeKeySpec
CAGetCertTypeProperty
CASetCertTypeFlags
CACloseCA
CACertTypeGetSecurity
CAGetCertTypePropertyEx
CASetCertTypeExtension

kernel32

FileTimeToSystemTime
lstrcpyW
lstrcmpiW
LocalReAlloc
IsBadReadPtr
DeleteCriticalSection
GlobalLock
GetModuleHandleA
GetLastError
FormatMessageW
SetUnhandledExceptionFilter
GetTickCount
CloseHandle
GetDateFormatW
QueryPerformanceCounter
WideCharToMultiByte
lstrlenW
OutputDebugStringA
GlobalUnlock
RemoveDirectoryA
GlobalFree
GlobalAlloc
LocalFree
GetModuleFileNameW
GetComputerNameW
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetStartupInfoA
GetACP
InterlockedDecrement
CreateFileW
SetLastError
GetSystemWindowsDirectoryW
GetSystemDefaultLangID
LoadLibraryW
GetCurrentProcess
InterlockedIncrement
OutputDebugStringW
InitializeCriticalSection

comctl32

CreatePropertySheetPageW
PropertySheetW

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegSetValueExW
RegQueryValueExW

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0dba0240e0cd79a34e6e3cfa7ca3919c

Headers

File Characteristics

Imports

user32

msvcrt

certcli

kernel32

comctl32

advapi32

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 74KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 74KB

.rsrc
Size: 23KB - Virtual size: 22KB